malwarewikiaorg-20200223-history
Dynostopia
Dynostopia is a trojan horse disguised as a game which was released in 'beta' under Steam's Greenlight program. However, the game contains malware, which is downloaded and proceeds to mess up the user's Steam profile, along with stealing information from the user. History The game's creator had hacked into an active, 11-year old Steam account in attempts to publish the game under Greenlight without suspicion at all. The creator even went as far to create a game trailer for Dynostopia to try to prove its authenticity, and for around 440 people, it worked. Before Steam took the page down, there was a download link on the Dynostopia's Steam Greenlight page that redirects the user to a website. This website would auto-download a RAR archive once the page is visited, which was already fishy in itself. However, people took in mind the game had an Indie status and that it appeared to be a game supported by Valve. Many people unpacked and launched the attached EXE file without a second thought. Only a little while after it was downloaded, users suspected the game was malicious. A Reddit user named /u/toilet-roll found out that the game contained automated scripts that turned over remote access to users’ computers to the hackers, as well as leaving falsely positive reviews for the ‘game’ on Steam, attempting to encourage more people to try out the ‘beta’ and get scammed themselves. Using this, the creators steal the user's sensitive information for themselves. Steam Description This is the description of the steam game before it was deleted: "This is a post-apocalyptic story about two characters who went on a long journey through the lands that people left because of the epidemy. There were not many survivors in the world and those who came through had to return to the era of agriculture and gathering. We will play for the main character whose way runs through the abandoned towns and cities of Russia, vast fields and forests of the country. Who are we, where are we from and where are we going? We will know it only at the end! '' ''This game made in a quest style with some elements of a shooter. '' ''Information on the game will be updated. Since the project is in an active stage of development, i will be looking to gather beta testers. will also be posting new screenshots and video gameplay. Thank for your attention!" Payload Instead of normal means, the trojan works by installing a background program to modify files on the user's PC without permission. Users have reported that after the game would rate itself as positive on Greenlight, it would end up modifying the user's Steam information (Changing their steam description to "Proud supporter of the Dynostopia gameplay beta trials! Get your beta trial now!"), then hack into the user's webcam if they had one, installs a keylogger, and will eventually log the user out of their system, asking for an administrator password before completely corrupting all of the user's files and forcing the user to reformat their drive an install a fresh copy of their operating system. It was later deleted from Steam, making it obsolete malware. The creator was also banned from Steam. Media Reddit - Do NOT download/beta test Dynostopia from Steam Greenlight. It is a Malware. PowerUpGaming: Scammers Use Fake Steam Greenlight Game ‘Dynostopia’ to Distribute Malware Gamecrate: BEWARE OF MALWARE ON STEAM GREENLIGHT The Know: Steam Game Gives You MALWARE! Category:Malicious Games Category:Virus Category:Trojan Category:Win32 trojan Category:Win32 virus Category:Scam Category:Keylogger Category:Win32 Category:MacOS trojan Category:MacOS Category:MacOS virus Category:Microsoft Windows